Single Sign-On Azure AD

Created by: Arnar Leifsson

This article will walk through how to set up single sign-on using Azure AD and how the authentication flow changes along with that setup.

  1. Set up an application in Azure AD
  2. Setup in exMon
  3. Authentication flow
    1. Web client
    2. Desktop application

Set up an application in Azure AD

The first step to enable single sign-on using Azure AD is to set up an application in your company's Azure AD. These are the required steps:

  1. Navigate to https://portal.azure.com and sign in with your credentials
  2. Press the View button to manage your Azure Active Directory




  3. In the left navigation pane press App registrations




  4. Next in the top navigation pane click New registration




  5. Fill in the new application information as seen below and press the Register button



  6. Next click Add an Application ID URI





  7. Click the Overview button in the left navigation pane and then click the Redirect URIs link to register configurations for the desktop application






  8. Click the API Permission tab on the left navigation pane
  9. Select the User.Read line and click Grant admin consent for X

 

 

Setup in exMon

At the time of writing, all configurations are set up by ExMon Software, so the correct information must be included in a ticket created here. Start by navigating to the overview for the application just created in Azure AD.



 

The template for the email could be something like this:


Azure Active Directory configuration

  • Application ID: {your-application-id-uri}
  • Tenant ID: {your-tenant-id}
  • Federation metadata document: {your-federation-metadata-document}
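
A consistency check for the three ticket values before they are sent, as an added example that is not part of the original article or of exMon's own tooling. It assumes the global Azure cloud sign-in host and the `https://sts.windows.net/<tenant-id>/` entityID that Azure AD publishes in tenant federation metadata; the function name and all sample values are constructed for illustration.

```python
import uuid
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

SAML_MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
# Assumption: global Azure cloud; sovereign clouds use other sign-in hosts.
LOGIN_HOST = "login.microsoftonline.com"
# Constructed sample values (not from a real tenant).
SAMPLE_TENANT = "11111111-2222-3333-4444-555555555555"
SAMPLE_URL = f"https://{LOGIN_HOST}/{SAMPLE_TENANT}/federationmetadata/2007-06/federationmetadata.xml"
SAMPLE_XML = f'<EntityDescriptor xmlns="{SAML_MD_NS}" entityID="https://sts.windows.net/{SAMPLE_TENANT}/"/>'


def check_ticket_values(application_id_uri, tenant_id, metadata_url, metadata_xml=None):
    """Return a list of problems; an empty list means the values agree."""
    try:
        tenant = str(uuid.UUID(tenant_id))  # rejects non-GUIDs, lower-cases
    except ValueError:
        return [f"Tenant ID is not a GUID: {tenant_id!r}"]
    problems = []
    # The template asks for the Application ID URI, not the bare client ID.
    if not urlparse(application_id_uri).scheme:
        problems.append("Application ID URI has no scheme; was the client ID pasted?")
    url = urlparse(metadata_url)
    if url.scheme != "https" or url.hostname != LOGIN_HOST:
        problems.append(f"Metadata URL is not https://{LOGIN_HOST}/...")
    if url.path.lower().split("/")[1:2] != [tenant]:
        problems.append("Metadata URL path does not start with the tenant ID")
    if metadata_xml is not None:
        # Federation metadata needs no DTD; refuse one rather than expand entities.
        if "<!DOCTYPE" in metadata_xml:
            return problems + ["Metadata contains a DOCTYPE; not parsed"]
        try:
            root = ET.fromstring(metadata_xml)
        except ET.ParseError as exc:
            return problems + [f"Metadata is not well-formed XML: {exc}"]
        if root.tag != f"{{{SAML_MD_NS}}}EntityDescriptor":
            problems.append("Root element is not a SAML EntityDescriptor")
        elif root.get("entityID", "").lower() != f"https://sts.windows.net/{tenant}/":
            problems.append("Metadata entityID belongs to a different tenant")
    return problems


if __name__ == "__main__":
    print(check_ticket_values("api://aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", SAMPLE_TENANT, SAMPLE_URL, SAMPLE_XML))
```

A metadata document or URL that points at a different tenant than the Tenant ID in the ticket is the mismatch most worth catching, since the service would then be configured to trust the wrong issuer.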

Authentication flow

After the configuration has been set up and the application registered, the flow in both the desktop application and web client will be slightly different.


Web client

Navigate to https://login.exmon.com and enter your email.

If you have set up single sign-on using Azure AD, you will be redirected to your company's login site and it will probably look something like this:



Desktop application

Open up the desktop application. We are using exMon Data Management as a demonstration in this example, but the same principle applies to exMon Data Governance as well.


